3 matches found
@averystupidtest/reditor (=3.0.10), @beisen-oneops/amis-ui (>=1.0.0 <=1.0.6) +167 more potentially affected by CVE-2024-51434 via froala-editor (>=2.3.5 <=4.3.0)
froala-editor NPM version =2.3.5, =1.0.0, =1.0.2, =1.0.0, =5.11.0, =1.0.1, =1.0.0, =1.0.0, =6.10.0, =0.1.0, =6.12.0-beat1, =6.12.24 and more Source cves: CVE-2024-51434 Source advisory: OSV:GHSA-549P-5C7F-C5P4...
CVE-2024-51434
creationtimestamp| type| source ---|---|--- 2024-11-07 21:32:34+00:00| seen| https://infosec.exchange/users/cve/statuses/113443809109465362 2024-11-07 23:37:53+00:00| seen| https://t.me/cvedetector/10137...
CVE-2024-51434
CVE-2024-51434 affects Froala WYSIWYG Editor, with versions 4.3.0 and earlier vulnerable due to inconsistent parsing of the tag, enabling cross-site scripting (XSS). The issue is supported by multiple sources in the Connected documents, which identify the affected product and root cause. Impact ...